﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Data.SqlClient;
using System.Collections;
using System.Data;
using Telerik.Web.UI;
using System.IO;
using System.Web.UI.WebControls;

namespace NCC_SOP.app_codes
{
    public class AuditUtil
    {
        public void auditLog_viewRpt(string rptId, string uid)
        {
            //string reportName = this.getNameByRptID(rptId);
            DateTime currDate = DateTime.Now;
            string currDtString = currDate.ToString("yyyy-MM-dd HH:mm:ss");
            string auditLog = "User accessing report (UserID:" + uid + ";ReportID:" + rptId + ") on " + currDtString + ".";

            dbConnection db = new dbConnection();
            using (SqlConnection SqlConnection = new SqlConnection(db.connectionStr))
            {
                string selectSQL = "INSERT INTO [ncc-sop].[dbo].[auditLog]([auditlog],[userID],[createdOn],[rptID]) VALUES (@auditlog,@userID,@createdOn,@rptID) ";
                SqlCommand cmd = new SqlCommand(selectSQL, SqlConnection);
                cmd.Parameters.Add("@auditlog", SqlDbType.VarChar);
                cmd.Parameters.Add("@userID", SqlDbType.VarChar);
                cmd.Parameters.Add("@createdOn", SqlDbType.DateTime);
                cmd.Parameters.Add("@rptID", SqlDbType.VarChar);

                cmd.Parameters["@auditlog"].Value = auditLog;
                cmd.Parameters["@userID"].Value = uid;
                if (rptId == null) { rptId = ""; }
                cmd.Parameters["@rptID"].Value = rptId;
                cmd.Parameters["@createdOn"].Value = currDtString;

                SqlConnection.Open();
                cmd.ExecuteNonQuery();
            }
        }

        public void auditLog_login(string uid)
        {
            DateTime currDate = DateTime.Now;
            string currDtString = currDate.ToString("yyyy-MM-dd HH:mm:ss");
            string auditLog = "User login system (UID:" + uid + ") on " + currDtString + ".";

            dbConnection db = new dbConnection();
            using (SqlConnection SqlConnection = new SqlConnection(db.connectionStr))
            {
                string selectSQL = "INSERT INTO [ncc-sop].[dbo].[auditLog]([auditlog],[userID],[createdOn]) VALUES (@auditlog,@userID,@createdOn) ";
                SqlCommand cmd = new SqlCommand(selectSQL, SqlConnection);
                cmd.Parameters.Add("@auditlog", SqlDbType.VarChar);
                cmd.Parameters.Add("@userID", SqlDbType.VarChar);
                cmd.Parameters.Add("@createdOn", SqlDbType.DateTime);

                cmd.Parameters["@auditlog"].Value = auditLog;
                cmd.Parameters["@userID"].Value = uid;
                cmd.Parameters["@createdOn"].Value = currDtString;

                SqlConnection.Open();
                cmd.ExecuteNonQuery();
            }
        }


        private string getNameByRptID(string rptID)
        {
            string result = "";
            dbConnection db = new dbConnection();
            using (SqlConnection SqlConnection = new SqlConnection(db.connectionStr))
            {
                string selectSQL = "select TableName from MetadataTables where tableID = " + rptID;
                SqlCommand cmd = new SqlCommand(selectSQL, SqlConnection);
                SqlConnection.Open();
                SqlDataReader reader = cmd.ExecuteReader();
                if (reader.Read())
                {
                    result = reader["TableName"].ToString();
                }
                reader.Close();
            }
            return result;
        }
    }
}